Pages

Thursday, June 23, 2011

Identifying the hacktivists of the emerging cyberwar

The hacktivist landscape has become increasingly cluttered, and while the anonymity they cling to makes clearly labeling each player difficult, the rising division between these groups is beginning to give them distinct identities.

The Internet has never been a safe place, and since its inception, and introduction to consumers, privacy and security have been a major concern. Of course, now that the average person’s computer skills are many times over what they used to be, that only amplifies the problem. Couple this with the fact that millions and millions of people are uploading mass amounts of personal and sensitive data and you’ve got a recipe for some serious cyber-insecurity. The advent of hackers with a conscience has exacerbated the situation while also putting a new twist on Web ethics.
Anonymous and LulzSec have become household names, and their Internet antics have captured the attention of just about everyone, including the CIA. But as identities and opponents merge, the cyberwar landscape has become confusing. Consider this an introductory course to the who’s who of hackers.

Anonymous

Anonymous first largely appeared on many radars after making worldwide headlines for its attack on the Church of Scientology in what they called Project Chanology. But more recently the group became a household name shortly after the WikiLeaks Cablegate debacle.
When various websites refused to host WikiLeak’s site, and credit card companies wouldn’t offer a way for people to make donations to the group, the hacktivists took it upon themselves to fight WikiLeak’s enemies. Anonymous used a series of DDoS to take down MasterCard, Visa, PayPal and drew the ire of international law authorities.
So where did Anonymous come from? The group organized via popular forum 4chan and past victims include the Church of Scientology, Internet predator Chris Forcand, and censorship proponents worldwide. Many of its actions have been motivated by the groups’ personal morals, which largely focus on freedom of information. Much of its recent work has centered on the Middle East rebellions, and the group has publicly announced its fight against Iran and Egypt. Other notable targets were HB Gary, Sony PlayStation (although Anonymous claimed innocence for the PSN collapse), and Bank of America.
The group’s various press releases and announcements are typically well written and almost business-like, as have been its denials. It has often had to defend itself against many groups claiming to be hacked by Anonymous. There have been rumors of inner turmoil that has led to different factions with separate agendas and personalities. At the moment, AnonNews is down due to DDoS attacks.

LulzSec

If Anonymous is the student body president of hackers, LulzSec is the class clown. The group hasn’t been on the public scene very long, first gaining notoriety about a month ago when attacked Fox.com in retaliation for calling the rapper Common “vile.” But LulzSec’s first breakthrough performance came when it hacked PBS and posted a fake report that Tupac Shakur was alive. The group claimed that this was in response to negative attention directed toward WikiLeaks and Bradley Manning. LulzSec also claimed responsibility for some of Sony’s hacked web properties. Over the last month, LulzSec has also hit the FBI, Nintendo, and the CIA websites.
Despite some of its very serious and established opponents, LulzSec has time and time again affirmed it’s “in it for the lulz.” The group has also been extremely communicative with the public via its Twitter feed and even a phone request line, where it will take suggestions for hacks. The group has more of a prankster air to it then serious freedom defender, although its beliefs seem to align with Anonymous’. LulzSec has taking to mocking its victims more openly and in a more lighthearted tone than Anonymous has, though, giving it an entirely different reputation than its more serious counterpart.

Anonymous vs. LulzSec?

There were rumors that Anonymous and LulzSec were opponents. After a series of DDoS attacks that slowed down various online games because of malicious traffic, some frustrated 4chan users decided to begin their own DDoS retaliation against LulzSec. The group then used its massively popular Twitter account to attack 4chan, which Anonymous took as a personal affront. By later that day, however, both had denied such a rivalry, and the two have since united for Operation Anti-Security to expose faulty handling of user data.

Web Ninjas vs. Anonymous and LulzSec

It’s a good thing Anonymous and LulzSec teamed up when they did, because Web Ninjas has its eye on them. It’s rumored Web Ninjas is the home of Th3J35t3r, who took down WikiLeaks shortly after it posted its stash of confidential diplomatic cables in fall 2010. Whether or not he’s a part of the coalition, the group insists it’s working for a “safer and peaceful Internet for everyone, not some bunch of kids threatening [the] Web and trying to own it for LULZ or in the name of publicity or financial gain or anti-government agenda.” The group released a large amount of information about the alleged identities of LulzSec hackers, including their whereabouts. LulzSec has denied the seriousness and truth behind these revelations, but an associate of the group was arrested today. LulzSec downplayed the amount of his involvement in the group, saying he is largely inconsequential to their operations. LulzSec also released the information of someone they believe attempted to out them.

Idahc

Residing (purportedly) outside this interwoven ring of hackers is Idahc. The Lebanese hacker is reportedly an 18-year-old computer science student and runs a one-man operation seemingly focused on Sony and Sony alone. He personally has moral issues with Sony, particularly for its treatment of George “GeoHot” Hotz and has said “If you want ethics, go cry to Anonymous. True lulz fans, stay tuned in.” He is thought to be behind many if not all of the hacks to various Sony Web properties. Idahc calls himself a grey hat focused on exposing the insecurity of Sony user accounts.

Despite their claims of independence and purported ethical intentions, the very nature of the groups inspires distrust. And it’s difficult to admit that with the apprehension toward supporting what are legally cyber-criminals, comes some sort of interest mixed with understanding: Whether or not you agree with all of their ploys, combating oppressive regimes and censorship while also exposing the careless liberties large corporations is difficult to oppose. Of course if you’re one of the many who’s had their email and password plastered all over PasteBin recently, you might feel otherwise.